Computer/Technical Help

I cant seem to get Hijackthis to run. Keeps saying it was a bad install...........

green_bird reminded me... since i've always had Windows Media Player installed, all my media files, like videos, wavs, mp3s, etc. always have on their right click menu, 'Add to Playlist' and the like. is the only way to get rid of these to go to the registry and delete the keys from each specific file type, or is there an easier way? so far i've just been too lazy to go to the registry and get rid of them.

I have a Labtec Optical Mouse. right now it's on my computer by USB. it came w/an adapter to make it hook in the PS/2 port, which I now want to do to free up the USB port back there. but it doesn't work. I tried plugging it in, jigglying it, going through every mouse related thing on my Hardware list... the manual for the mouse says, it should work fine, just plug it in USB or PS/2 and you're all set. i tried restarting the computer (isn't it not suposed to boot up if it doesn't detect a mouse? or is it keyboard..) and it didn't work. So for now, I put it back on USB.

i have another adapter that came with our keyboard. it's the same thing only instead of green plastic, it's purple. i know it works cause i used it. i tried that w/the mouse too, didn't work.

what can i do to make this mouse work on my PS/2 port?

p.s. i tried like all the different menu programs, didn't like them, i'll probably stick with the quick launch for now.

quote:

Originally posted by Captain Haruka I cant seem to get Hijackthis to run. Keeps saying it was a bad install...........

Try downloading it again using a different download location from the list. If your computer is infected, you might need to use this link instead.

quote:

Originally posted by NVWC2006 green_bird reminded me... since i've always had Windows Media Player installed, all my media files, like videos, wavs, mp3s, etc. always have on their right click menu, 'Add to Playlist' and the like. is the only way to get rid of these to go to the registry and delete the keys from each specific file type, or is there an easier way? so far i've just been too lazy to go to the registry and get rid of them.

There's no quick way that I know of besides going through each file type, but you can avoid using the registry. To do this, open up Windows Explorer, then on the Tools menu, click Folder Options. On the File Types tab, find the particular types, then click the Advanced button and remove the actions that you don't want to appear on the menu.

quote:

I have a Labtec Optical Mouse. right now it's on my computer by USB. it came w/an adapter to make it hook in the PS/2 port, which I now want to do to free up the USB port back there. but it doesn't work. I tried plugging it in, jigglying it, going through every mouse related thing on my Hardware list... the manual for the mouse says, it should work fine, just plug it in USB or PS/2 and you're all set. i tried restarting the computer (isn't it not suposed to boot up if it doesn't detect a mouse? or is it keyboard..) and it didn't work. So for now, I put it back on USB. i have another adapter that came with our keyboard. it's the same thing only instead of green plastic, it's purple. i know it works cause i used it. i tried that w/the mouse too, didn't work. what can i do to make this mouse work on my PS/2 port?

Unlike USB, PS/2 devices are not immediately detected when they are plugged in. So, to use the PS/2 port for the mouse, you need to turn off the computer, plug the mouse in (be sure to use the correct port if there are two), then turn it back on again. If it still doesn't work, you may need to check your BIOS settings to make sure the PS/2 ports are enabled.

quote:

Originally posted by Krang quote: Originally posted by Captain Haruka I cant seem to get Hijackthis to run. Keeps saying it was a bad install........... Try downloading it again using a different download location from the list. If your computer is infected, you might need to use this link instead.

I did that. It still won't work.

EDIT: Also the "Online Security" and "Security Troubleshooting" icons keep popping up on my desktop. ANd AD-Aware doesn't run properly.

quote:

Originally posted by Krang Unlike USB, PS/2 devices are not immediately detected when they are plugged in. So, to use the PS/2 port for the mouse, you need to turn off the computer, plug the mouse in (be sure to use the correct port if there are two), then turn it back on again. If it still doesn't work, you may need to check your BIOS settings to make sure the PS/2 ports are enabled.

I checked the BIOS, there wasn't a PS/2 option on any list, the closest thing I found was under Boot Options, Serial Periphrials, which was already Enabled. i did find a boot check, where it would give errors if something was not connected, and told the computer to not yet run the OS if a mouse was disconnected.

like this, i turned off the computer and plugged the mouse in the mouse PS/2, and restarted. it started ok. which didn't make sense to me, seeing as the mouse still didn't work, it didn't even have the little optical light inside turn on.

so then, testing time, i restarted the computer w/the mouse removed (tho i kept the adapter plugged in) and this time, the computer stopped, and saw there was no mouse. so it IS detecting it, but like, not running it.

oh, and for the right click menu, those extra things, like Add to Now Playing List, Add to Sync List, they weren't in the file extension folder options.

Omega Drivers

If your video card ever gives you software-based lip, these might help.

quote:

Originally posted by Captain Haruka I did that. It still won't work. EDIT: Also the "Online Security" and "Security Troubleshooting" icons keep popping up on my desktop. ANd AD-Aware doesn't run properly.

Does it mention anything about a missing DLL? Also, what security software do you have installed that is displaying those icons? You most likely need to configure it to allow HijackThis.exe to run.

quote:

Originally posted by NVWC2006 like this, i turned off the computer and plugged the mouse in the mouse PS/2, and restarted. it started ok. which didn't make sense to me, seeing as the mouse still didn't work, it didn't even have the little optical light inside turn on. so then, testing time, i restarted the computer w/the mouse removed (tho i kept the adapter plugged in) and this time, the computer stopped, and saw there was no mouse. so it IS detecting it, but like, not running it.

It sounds like the PS/2 port is not getting any (or at least enough) power from the motherboard. If possible, you could test this by trying another optical mouse (preferably one that has a direct PS/2 connection rather than an adapter) and seeing if it works.

quote:

oh, and for the right click menu, those extra things, like Add to Now Playing List, Add to Sync List, they weren't in the file extension folder options.

The only other way is to use the registry. Go to Start > Run and type:
regedit
From there, go to HKEY_CLASSES_ROOT and find one of the file types that has those menu items. Once you find it, click it once and note the Data column for (Default) (for example, .avi has avifile listed on my computer). Now, under HKEY_CLASSES_ROOT, find a folder with the name you saw under the Data column above (avifile in my example) and look under "shell." There, you should find entries for the extra menu items. Right-click each one and select Delete (you might want to back up your registry first under File > Export).

I have a question, can the little windows update icon not show up in the systems tray (even under the little arrow thing) and still make the shut down say "important updates for windows need to be installed, click here to shut down without installing updates"?

I shut my computer down (by clicking the click here to shut down withou installing updates thing) and turned it back on.....usualy when I click that thing that says that goes away, but this time it didn't. Right now I'm doing a virus scan just incase it is one.

But another strange thing, sort of related to this, is that when I click properties on the taskbar and then customize, I get this:



If it is truely stuck at 66%, and if that even has anything to do with it....then why is it giving me there needs to be updates now, shouldn't it be when it reaches 100%?

Never the less, I'll just click the "shut down without installing updates" link until I figure out what's going on....

EDIT: If it helps, nothing showed up on the virus scan....so it could be just live updates acting up. If it is, how do I fix it?

quote:

Originally posted by Krang quote: Originally posted by Captain Haruka I did that. It still won't work. EDIT: Also the "Online Security" and "Security Troubleshooting" icons keep popping up on my desktop. ANd AD-Aware doesn't run properly. Does it mention anything about a missing DLL? Also, what security software do you have installed that is displaying those icons? You most likely need to configure it to allow HijackThis.exe to run.

Yes it does. And they are Windows icons

I've had a recent problem the last few days.

My computer is slowing down.

An example is a music file. It plays a bit, pauses, plays a bit, pauses... it's being like this with many things. like as i type right now, words don't appear like they normally do, not when i hit the key, but in blocks.

it's not like this all the time, but it's enough now that it's inhibiitng my work.

i ran spyware checks w/Ad-Aware (found 0), Spybot (found 1, removed it) and antivirus check w/avast (found a few in my sister's user name) but after that, the problem persists.

This slowness isn't the only symptom. someitmes, when i log into the computer, it will load my wallpaper, and the start menu, and icons on my desktop, and that's it. nothing else. so i click to run a program. it does nothing. i can try all i want, it does nothing for like 5 min, then all the programs i had tried to run pop up all at once.

the biggest clue i have to this is that on my list of processes, Sytem Idle Process is nolonger occupying all of the unused CPU space. System is now taking about 30, constantly. Other than this, nothing else is different. While I HAVE installed programs recently, this was after the problems began. it's irritating; i can't work like this.

quote:

Originally posted by Green_Bird I have a question, can the little windows update icon not show up in the systems tray (even under the little arrow thing) and still make the shut down say "important updates for windows need to be installed, click here to shut down without installing updates"?

Even if you hide the icon, it should still remind you of updates as long as the service is running and Automatic Updates are enabled in the Control Panel.

quote:

I shut my computer down (by clicking the click here to shut down withou installing updates thing) and turned it back on.....usualy when I click that thing that says that goes away, but this time it didn't. Right now I'm doing a virus scan just incase it is one. But another strange thing, sort of related to this, is that when I click properties on the taskbar and then customize, I get this: If it is truely stuck at 66%, and if that even has anything to do with it....then why is it giving me there needs to be updates now, shouldn't it be when it reaches 100%? Never the less, I'll just click the "shut down without installing updates" link until I figure out what's going on.... EDIT: If it helps, nothing showed up on the virus scan....so it could be just live updates acting up. If it is, how do I fix it?

The titles on the "Past Items" list are just snapshots of those windows at some point in the past, so the download probably isn't still stuck at 66%. Since then, the downloads most likely finished, so it should be safe to install them. Or, if you want to be careful, you can click "Windows Update" (or "Microsoft Update") on the Start Menu and download and install the updates manually.

quote:

Originally posted by Captain Haruka Yes it does. And they are Windows icons

In that case, try downloading and installing the necessary DLLs from this site. If it still doesn't work, try searching this site for the names of the missing DLLs. Once you download them, copy them to your system folder (usually C:\Windows\System on Windows 9x/Me and C:\Windows\System32 or C:\Winnt\System32 on Windows NT/2000/XP).

quote:

Originally posted by NVWC2006 I've had a recent problem the last few days. My computer is slowing down. An example is a music file. It plays a bit, pauses, plays a bit, pauses... it's being like this with many things. like as i type right now, words don't appear like they normally do, not when i hit the key, but in blocks. it's not like this all the time, but it's enough now that it's inhibiitng my work. i ran spyware checks w/Ad-Aware (found 0), Spybot (found 1, removed it) and antivirus check w/avast (found a few in my sister's user name) but after that, the problem persists. This slowness isn't the only symptom. someitmes, when i log into the computer, it will load my wallpaper, and the start menu, and icons on my desktop, and that's it. nothing else. so i click to run a program. it does nothing. i can try all i want, it does nothing for like 5 min, then all the programs i had tried to run pop up all at once. the biggest clue i have to this is that on my list of processes, Sytem Idle Process is nolonger occupying all of the unused CPU space. System is now taking about 30, constantly. Other than this, nothing else is different. While I HAVE installed programs recently, this was after the problems began. it's irritating; i can't work like this.

First, go to Start > Run and type:
msconfig
Then, on the Startup tab, disable any items that are not necessary. For example, any kind of "speed launch" or "quick launch" programs are not necessary, and you don't need Office Startup or FastFind if you have Office installed. Next, go to Start > Run again and type:
services.msc
Now, set any unnecessary services to either Manual or Disabled using this page as a guide (be sure to disable Indexing Service in particular). Once you are finished, restart your computer. The startup time should be greatly reduced, and the overall performance should be better as well.

God you are a genius. Here is the log file

The icons are to websites. One is
http://realsecurityonline.com/
and the other
http://youronlinesecurity.com/

Logfile of HijackThis v1.99.1
Scan saved at 6:54:00 AM, on 4/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
F:\h\utorrent.exe
C:\Program Files\PawPrint.net\WorldTime\worldtime.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\XIMETA\NetDisk\LDServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\CTPdeSrv.exe
C:\WINDOWS\system32\atmclk.exe
C:\WINDOWS\system32\dcomcfg.exe
C:\Documents and Settings\Captain Harlock\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.paradigm-city.com/forums/"); (C:\Documents and Settings\Captain Harlock\Application Data\Mozilla\Profiles\default\nook03bn.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSB
Web_01.src"); (C:\Documents and Settings\Captain Harlock\Application Data\Mozilla\Profiles\default\nook03bn.slt\prefs.js)
O2 - BHO: Nothing - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - C:\WINDOWS\system32\hpEC3.tmp
O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Program Files\Security Toolbar\Security Toolbar.dll
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [µTorrent] "F:\h\utorrent.exe"
O4 - Startup: WorldTime.lnk = C:\Program Files\PawPrint.net\WorldTime\worldtime.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LANSCSI Helper Service (LanScsiHelper) - XIMETA, Inc. - C:\Program Files\XIMETA\NetDisk\LDServ.exe
O23 - Service: SNMP Trap Service (SNMPTRAP) - Unknown owner - C:\WINDOWS\system32\snmptrap.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

First, make sure you have a copy of this post, since you won't be able to access the internet from safe mode. Now, boot into safe mode (reset your computer, then repeatedly press F8 as it's starting up until a menu shows up that allows you to start up in safe mode) and run HijackThis again. When it displays the results, check the boxes next to these items:

code: 1: 2: 3: 4: 5: O2 - BHO: Nothing - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - C:\WINDOWS\system32\hpEC3.tmp O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Program Files\Security Toolbar\Security Toolbar.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.net\PartyPokerNet\RunPF.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.net\PartyPokerNet\RunPF.exe (file missing)

Now click "Fix checked" and exit HijackThis, but don't reboot yet. While you're still in safe mode, open Windows Explorer under Start Menu > Accessories and select Folder Options from the Tools menu. On the View tab, make sure that "Show hidden files and folders" is selected and that "Hide protected operating system files" is not checked. Apply the changes if necessary. Now delete the following file:

code: 1: C:\WINDOWS\system32\hpEC3.tmp

Also, delete the following folders and everything in them:

code: 1: 2: C:\Program Files\Security Toolbar C:\Program Files\PartyGaming.net

Now restart your computer again, run HijackThis again, and post the new log to make sure the spyware is gone.

Logfile of HijackThis v1.99.1
Scan saved at 6:50:14 AM, on 4/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
F:\h\utorrent.exe
C:\Program Files\PawPrint.net\WorldTime\worldtime.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\XIMETA\NetDisk\LDServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\atmclk.exe
C:\WINDOWS\system32\dcomcfg.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\CTPdeSrv.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Documents and Settings\Captain Harlock\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.paradigm-city.com/forums/"); (C:\Documents and Settings\Captain Harlock\Application Data\Mozilla\Profiles\default\nook03bn.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSB
Web_01.src"); (C:\Documents and Settings\Captain Harlock\Application Data\Mozilla\Profiles\default\nook03bn.slt\prefs.js)
O2 - BHO: (no name) - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - C:\WINDOWS\system32\hp1386.tmp
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [µTorrent] "F:\h\utorrent.exe"
O4 - Startup: WorldTime.lnk = C:\Program Files\PawPrint.net\WorldTime\worldtime.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LANSCSI Helper Service (LanScsiHelper) - XIMETA, Inc. - C:\Program Files\XIMETA\NetDisk\LDServ.exe
O23 - Service: SNMP Trap Service (SNMPTRAP) - Unknown owner - C:\WINDOWS\system32\snmptrap.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Same problems. same icons. Ad Aware still doesnt work.

The log looks clean except for one entry, and that entry, along with the icons, is part of a trojan that is particularly hard to remove. Try this first to see if it helps: Download Spybot - Search & Destroy from the link in the first post in this thread and update its definitions. Then, reboot in safe mode as before and run Spybot to see if it finds anything. Remove any spyware it detects, then restart and see if the problem is gone. If not, try downloading SmitRem from here and following the instructions on the site to install and run it.

BTW, what error message is displayed when you try to run Ad-Aware?

quote:

Originally posted by Krang The log looks clean except for one entry, and that entry, along with the icons, is part of a trojan that is particularly hard to remove. Try this first to see if it helps: Download Spybot - Search & Destroy from the link in the first post in this thread and update its definitions. Then, reboot in safe mode as before and run Spybot to see if it finds anything. Remove any spyware it detects, then restart and see if the problem is gone. If not, try downloading SmitRem from here and following the instructions on the site to install and run it. BTW, what error message is displayed when you try to run Ad-Aware?

I dont get an error message. It gets to a certain number of files scanned then stops. And does nothing. I left it on while I was at school jsut to see if I was impatient and same thing happened.

I ran AVG and it found nothing. I'm going to safe mode roight now.

I did it. Much more things found in safe mode. It wouldnt let me delete 2 things though. Said they were in use. One was newdotnet and the other was spyware quake.

At first it sounded like SpyAxe, but the removal for SpywareQuake is very similar. Follow this tutorial up to step 3, then restart your computer and let me know if the icons are gone.

As for Ad-Aware, try uninstalling it, then downloading and installing it again and see if it helps.

quote:

Originally posted by Krang At first it sounded like SpyAxe, but the removal for SpywareQuake is very similar. Follow this tutorial up to step 3, then restart your computer and let me know if the icons are gone. As for Ad-Aware, try uninstalling it, then downloading and installing it again and see if it helps.

Yes the icons are gone. But Ad-Aware still isn't working. Oh well.

What is the last item it scans before freezing up? Is it the same every time, or does it change?

quote:

Originally posted by Krang What is the last item it scans before freezing up? Is it the same every time, or does it change?

It appears to be a windows file with a long drawn out combination of letters and numbers.